FireGen log analyzers are a line of products developed by firewall administrators frustrated by the lack of true security features in existing products.
Their purpose is to replicate the steps that a "real world" firewall administrator would take in analyzing firewall logs:
- Identify the types of events / messages recorded by the firewall
- Provide a quick explanation of what these events are
- Identify what protocols were used and what these protocols mean
- Identify who owns various IP addresses or domain names that appear in the log files
- Perform complex searches (read "regular expressions") in the log files
- Send emails with the report for the last log or last 24 hours of activity